blob: f9a9af34d86ae42e228dd9350a1192f809fd207b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=krb5
pkgver=1.18.5
pkgrel=0
pkgdesc="The Kerberos network authentication system"
url="https://web.mit.edu/kerberos/www/"
arch="all"
license="MIT"
depends="krb5-conf"
depends_dev="e2fsprogs-dev"
makedepends="$depends_dev libverto-dev openldap-dev openssl-dev
keyutils-dev bison flex perl"
options="suid"
subpackages="$pkgname-dev $pkgname-doc $pkgname-server
$pkgname-server-openrc:server_openrc $pkgname-server-ldap:ldap
$pkgname-pkinit $pkgname-libs"
_maj_min=$pkgver
case $pkgver in
*.*.*) _maj_min=${pkgver%.*} ;;
esac
source="https://web.mit.edu/kerberos/dist/krb5/$_maj_min/krb5-$pkgver.tar.gz
mit-krb5_krb5-config_LDFLAGS.patch
krb5kadmind.initd
krb5kdc.initd
krb5kpropd.initd
"
builddir="$srcdir/$pkgname-$pkgver/src"
# secfixes:
# 1.18.5-r0:
# - CVE-2021-37750
# 1.18.4-r0:
# - CVE-2021-36222
# 1.18.3-r0:
# - CVE-2020-28196
# 1.15.4-r0:
# - CVE-2018-20217
# 1.15.3-r0:
# - CVE-2017-15088
# - CVE-2018-5709
# - CVE-2018-5710
build() {
./configure \
CPPFLAGS="$CPPFLAGS -fPIC -I/usr/include/et" \
WARN_CFLAGS= \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--localstatedir=/var/lib \
--enable-shared \
--disable-nls \
--disable-static \
--disable-rpath \
--with-system-et \
--with-system-ss \
--with-system-verto \
--without-tcl \
--with-ldap
make
}
check() {
make check-unix
}
package() {
make install DESTDIR="$pkgdir"
mkdir -p "$pkgdir"/usr/share/doc/$pkgname
mv "$pkgdir"/usr/share/examples "$pkgdir"/usr/share/doc/$pkgname/
}
server() {
pkgdesc="The KDC and related programs for Kerberos 5"
depends="libverto-libev"
mkdir -p "$subpkgdir"/usr/share \
"$subpkgdir"/usr/bin
install -d "$subpkgdir"/var/lib/krb5kdc
mv "$pkgdir"/usr/sbin "$subpkgdir"/usr/
# used for testing server
amove usr/bin/sclient
}
server_openrc() {
pkgdesc="The KDC and related programs for Kerberos 5 (OpenRC init scripts)"
install_if="$pkgname-server=$pkgver-r$pkgrel openrc"
for i in $source; do
case $i in
*.initd) install -Dm755 "$srcdir"/$i \
"$subpkgdir"/etc/init.d/${i%.initd};;
esac
done
}
ldap() {
pkgdesc="The LDAP storage plugin for the Kerberos 5 KDC"
install -Dm644 \
-t "$subpkgdir"/usr/share/kerberos \
"$builddir"/plugins/kdb/ldap/libkdb_ldap/kerberos.ldif \
"$builddir"/plugins/kdb/ldap/libkdb_ldap/kerberos.openldap.ldif
amove usr/lib/krb5/plugins/kdb/kldap.so
amove usr/lib/libkdb_ldap*
}
pkinit() {
pkgdesc="The PKINIT module for Kerberos 5"
mkdir -p "$subpkgdir"/usr/lib/krb5/plugins/preauth
amove usr/lib/krb5/plugins/preauth/pkinit.so
}
libs() {
pkgdesc="The shared libraries used by Kerberos 5"
depends="krb5-conf"
amove usr/lib
}
sha512sums="
7fd25944ac66074bf21465824f226aa3456a253a7517e7d3cacb7664103b8b033076cc23ee7c7806e7c9f884747c05eac5b1f1cf771b3d1989e5129c36de4bb2 krb5-1.18.5.tar.gz
5c62cbcbf1ef0462323f3392a362b42ed301967a1de80ddcb27eece4fad23efeeb5f04f5af521cfffff36b918bb93813262aa62785e59d6cb5af437a2c9e886d mit-krb5_krb5-config_LDFLAGS.patch
43b9885b7eb8d0d60920def688de482f2b1701288f9acb1bb21dc76b2395428ff304961959eb04ba5eafd0412bae35668d6d2c8223424b9337bc051eadf51682 krb5kadmind.initd
ede15f15bbbc9d0227235067abe15245bb9713aea260d397379c63275ce74aea0db6c91c15d599e40c6e89612d76f3a0f8fdd21cbafa3f30d426d4310d3e2cec krb5kdc.initd
45be0d421efd41e9dd056125a750c90856586e990317456b68170d733b03cba9ecd18ab87603b20e49575e7839fb4a6d628255533f2631f9e8ddb7f3cc493a90 krb5kpropd.initd
"
|
